The invention relates in general to data storage access and in particular to data storage access authorization.
In multi-processor, multi-entity data processing environments, a number of different devices may transmit data to a number of different possible destinations. In this environment, it is possible for a malfunctioning processor or other device to send erroneous data to a number of possible destinations including sensitive data storage areas, such as random access memory and registers. In order to avoid corruption of data in such data storage devices, a mechanism for controlling access to data devices has been implemented in the prior art.
A common prior art approach to restricting unauthorized access to a storage device involves employing one register for verification of a key value associated with proper authorization to transfer data and a separate register or other storage device for storage of the actual transmitted data, if a transfer is authorized. The key value is generally a stored value which should be matched by an incoming write request in order for the target register or target data storage device to be made accessible or unlocked.
FIG. 1 depicts a flowchart 100 for authorization to write to a selected data storage location according a prior art solution. The program generally begins at the start block 101. At step 102, the prior art method generally transmits a message to a key register to unlock a target register. At step 103 the program generally determines whether a response from the key register indicates that authorization to write to the target register has been granted. If such authorization has not been granted, the program generally polls the key register until a response is issued.
If a response granting write authorization is received, data is generally written to the target register in step 104. Afterward, the program awaits a response indicating that the write of data to the target register has been successfully completed. When a response arrives indicating successful execution of the write to the target register, the program generally writes data to the key register to again lock the target register in step 105. In step 107, the program then awaits an indication that the key register has been re-locked. It will be appreciated that during a xe2x80x9cwindow of vulnerabilityxe2x80x9d in between steps 102 and 106, assuming both steps are successful at their respective tasks, the target register may be written to not only by an intended source but is also vulnerable to being written to by any device in the surrounding computing system, thereby presenting the possibility of data corruption in the target register during the identified window of opportunity. Generally, upon receiving an indication that the key register has been successfully re-locked, the program concludes at step 108. The above approach presents certain shortcomings which are outlined below.
It is a problem in the art that three separate transactions are generally conducted in order to temporarily grant access to a usually locked target register.
It is a further problem in the art that there is a period of time (window) between unlocking and re-locking the target register by the key register and during this window, erroneous information could potentially be written to the target register
These and other objects, features and technical advantages are achieved by a system and method which incorporates user data to be written to a storage device and key data for establishing authority to write to the storage device into a single data transmission to a single target storage device. This approach preferably enables a protected write operation to be conducted in a single transaction without leaving open a window of opportunity for an erroneous data transmission to corrupt data storage in the target storage device.
In a preferred embodiment, a communication path to the target data storage device, which may be a register, memory location or other storage mechanism, is 64 bits wide, although communication paths of any width could be employed. The communication path preferably includes both user data and key data. Herein, xe2x80x9cuser dataxe2x80x9d generally refers to data which the inventive mechanism seeks to store in a target storage device, xe2x80x9ckey dataxe2x80x9d generally refers to data employed to establish authorization to store the data in the pertinent storage device, and xe2x80x9cpacketxe2x80x9d or xe2x80x9cdata packetxe2x80x9d generally refers to a combination of the user data and key data. The number of bits dedicated to each of user data and key data is variable. For example, where the communication path to the target register is 64 bits wide, 32 bits could be dedicated to user data and 32 bits to key data. Alternative distributions of bits between user data and key data may be employed and all such variations are included within the scope of the present invention.
In a preferred embodiment, a single storage device and associated controller perform the functions of receiving and storing the user data (if authorized) and establishes authorization for the storage to occur by determining whether the key data portion of the received data packet properly authorizes storage of the user data portion of the received packet. In this manner, the granting of access to the target device, the writing of user data to the target device, and the restoration of security against unauthorized writing to the target device may preferably be accomplished in single transaction. Moreover, since the user data and key data preferably arrive at the target device simultaneously, there is preferably no window of opportunity within which unauthorized data may be written to the target device.
In a preferred embodiment, an algorithm for determining the key data involves performing a boolean operation on a selection of the user data bits. Preferably, the algorithm and the user data bits upon which the algorithm is performed, is established both at the microprocessor and at one or more data storage devices which will receive the data packets containing both user data and key data. Within the various data storage devices, the algorithm for calculating key data from the user data may be fixed, or dynamically alterable in software or hardware. Where a plurality target storage devices are employed in conjunction with one or more processors, the various target storage devices may each have unique key data calculation algorithms, or alternatively, two or more target storage devices may share a common key data calculation algorithm, and all such variations are included within the scope of the present invention.
Therefore, it is an advantage of a preferred embodiment of the present invention that device access control operations and the writing of user data may be accomplished in a single write transaction.
It is a further advantage of a preferred embodiment of the present invention that the simultaneous arrival at the target device of user data and key data removes any window of opportunity within which erroneous data may overwrite data in the target storage device.
The foregoing has outlined rather broadly the features and technical advantages of the present invention in order that the detailed description of the invention that follows may be better understood. Additional features and advantages of the invention will be described hereinafter which form the subject of the claims of the invention. It should be appreciated by those skilled in the art that the conception and specific embodiment disclosed may be readily utilized as a basis for modifying or designing other structures for carrying out the same purposes of the present invention. It should also be realized by those skilled in the art that such equivalent constructions do not depart from the spirit and scope of the invention as set forth in the appended claims. The novel features which are believed to be characteristic of the invention, both as to its organization and method of operation, together with further objects and advantages will be better understood from the following description when considered in connection with the accompanying figures. It is to be expressly understood, however, that each of the figures is provided for the purpose of illustration and description only and is not intended as a definition of the limits of the present invention.